diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2003-07-24 06:52:13 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2003-07-24 06:52:13 +0000 |
commit | 0410e32f47c0dcfc3385a1db2ee44f8bb35c10c4 (patch) | |
tree | 5050f4c269f589b71cf440fe69aab4d00b269703 | |
parent | acb98497fb7ff75362491d1c17a5e01fe2beb5b8 (diff) |
- (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c
openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface,
and isolate shadow password functions. Tested in Solaris, but should
not break other platforms too badly (except maybe HP =). Also brings
auth-passwd.c into full sync with OpenBSD tree.
-rw-r--r-- | ChangeLog | 9 | ||||
-rw-r--r-- | auth-passwd.c | 196 | ||||
-rw-r--r-- | openbsd-compat/Makefile.in | 4 | ||||
-rw-r--r-- | openbsd-compat/xcrypt.c | 123 | ||||
-rw-r--r-- | openbsd-compat/xcrypt.h | 28 |
5 files changed, 219 insertions, 141 deletions
@@ -1,3 +1,10 @@ | |||
1 | 20030724 | ||
2 | - (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c | ||
3 | openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface, | ||
4 | and isolate shadow password functions. Tested in Solaris, but should | ||
5 | not break other platforms too badly (except maybe HP =). Also brings | ||
6 | auth-passwd.c into full sync with OpenBSD tree. | ||
7 | |||
1 | 20030723 | 8 | 20030723 |
2 | - (dtucker) [configure.ac] Back out change for bug #620. | 9 | - (dtucker) [configure.ac] Back out change for bug #620. |
3 | 10 | ||
@@ -721,4 +728,4 @@ | |||
721 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 728 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
722 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 729 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
723 | 730 | ||
724 | $Id: ChangeLog,v 1.2864 2003/07/23 04:33:10 dtucker Exp $ | 731 | $Id: ChangeLog,v 1.2865 2003/07/24 06:52:13 mouring Exp $ |
diff --git a/auth-passwd.c b/auth-passwd.c index f078eddd5..c0b7f725f 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -42,46 +42,14 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $"); | |||
42 | #include "log.h" | 42 | #include "log.h" |
43 | #include "servconf.h" | 43 | #include "servconf.h" |
44 | #include "auth.h" | 44 | #include "auth.h" |
45 | #include "buffer.h" | 45 | #include "openbsd-compat/xcrypt.h" |
46 | #include "xmalloc.h" | 46 | #ifdef WITH_AIXAUTHENTICATE |
47 | #include "canohost.h" | 47 | # include "buffer.h" |
48 | 48 | # include "canohost.h" | |
49 | #if !defined(HAVE_OSF_SIA) | 49 | extern Buffer loginmsg; |
50 | /* Don't need any of these headers for the SIA cases */ | 50 | #endif |
51 | # ifdef HAVE_CRYPT_H | ||
52 | # include <crypt.h> | ||
53 | # endif | ||
54 | # ifdef __hpux | ||
55 | # include <hpsecurity.h> | ||
56 | # include <prot.h> | ||
57 | # endif | ||
58 | # ifdef HAVE_SECUREWARE | ||
59 | # include <sys/security.h> | ||
60 | # include <sys/audit.h> | ||
61 | # include <prot.h> | ||
62 | # endif /* HAVE_SECUREWARE */ | ||
63 | # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | ||
64 | # include <shadow.h> | ||
65 | # endif | ||
66 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | ||
67 | # include <sys/label.h> | ||
68 | # include <sys/audit.h> | ||
69 | # include <pwdadj.h> | ||
70 | # endif | ||
71 | # if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) | ||
72 | # include "md5crypt.h" | ||
73 | # endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ | ||
74 | |||
75 | # ifdef HAVE_CYGWIN | ||
76 | # undef ERROR | ||
77 | # include <windows.h> | ||
78 | # include <sys/cygwin.h> | ||
79 | # define is_winnt (GetVersion() < 0x80000000) | ||
80 | # endif | ||
81 | #endif /* !HAVE_OSF_SIA */ | ||
82 | 51 | ||
83 | extern ServerOptions options; | 52 | extern ServerOptions options; |
84 | extern Buffer loginmsg; | ||
85 | 53 | ||
86 | /* | 54 | /* |
87 | * Tries to authenticate the user using password. Returns true if | 55 | * Tries to authenticate the user using password. Returns true if |
@@ -92,25 +60,6 @@ auth_password(Authctxt *authctxt, const char *password) | |||
92 | { | 60 | { |
93 | struct passwd * pw = authctxt->pw; | 61 | struct passwd * pw = authctxt->pw; |
94 | int ok = authctxt->valid; | 62 | int ok = authctxt->valid; |
95 | #if !defined(HAVE_OSF_SIA) | ||
96 | char *encrypted_password; | ||
97 | char *pw_password; | ||
98 | char *salt; | ||
99 | # if defined(__hpux) || defined(HAVE_SECUREWARE) | ||
100 | struct pr_passwd *spw; | ||
101 | # endif /* __hpux || HAVE_SECUREWARE */ | ||
102 | # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | ||
103 | struct spwd *spw; | ||
104 | # endif | ||
105 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | ||
106 | struct passwd_adjunct *spw; | ||
107 | # endif | ||
108 | # ifdef WITH_AIXAUTHENTICATE | ||
109 | char *authmsg; | ||
110 | int authsuccess; | ||
111 | int reenter = 1; | ||
112 | # endif | ||
113 | #endif /* !defined(HAVE_OSF_SIA) */ | ||
114 | 63 | ||
115 | /* deny if no user. */ | 64 | /* deny if no user. */ |
116 | if (pw == NULL) | 65 | if (pw == NULL) |
@@ -122,13 +71,12 @@ auth_password(Authctxt *authctxt, const char *password) | |||
122 | if (*password == '\0' && options.permit_empty_passwd == 0) | 71 | if (*password == '\0' && options.permit_empty_passwd == 0) |
123 | ok = 0; | 72 | ok = 0; |
124 | 73 | ||
125 | #if defined(HAVE_OSF_SIA) | ||
126 | if (!ok) | 74 | if (!ok) |
127 | return 0; | 75 | return 0; |
76 | |||
77 | #if defined(HAVE_OSF_SIA) | ||
128 | return auth_sia_password(authctxt, password); | 78 | return auth_sia_password(authctxt, password); |
129 | #else | 79 | #else |
130 | if (!ok) | ||
131 | return 0; | ||
132 | # ifdef KRB5 | 80 | # ifdef KRB5 |
133 | if (options.kerberos_authentication == 1) { | 81 | if (options.kerberos_authentication == 1) { |
134 | int ret = auth_krb5_password(authctxt, password); | 82 | int ret = auth_krb5_password(authctxt, password); |
@@ -148,32 +96,40 @@ auth_password(Authctxt *authctxt, const char *password) | |||
148 | } | 96 | } |
149 | # endif | 97 | # endif |
150 | # ifdef WITH_AIXAUTHENTICATE | 98 | # ifdef WITH_AIXAUTHENTICATE |
151 | authsuccess = (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0); | 99 | { |
152 | aix_remove_embedded_newlines(authmsg); | 100 | char *authmsg; |
153 | 101 | int reenter = 1; | |
154 | if (authsuccess) { | 102 | int authsuccess = (authenticate(pw->pw_name, password, |
155 | char *msg; | 103 | &reenter, &authmsg) == 0); |
156 | char *host = (char *)get_canonical_hostname(options.use_dns); | 104 | aix_remove_embedded_newlines(authmsg); |
157 | 105 | ||
158 | debug3("AIX/authenticate succeeded for user %s: %.100s", | 106 | if (authsuccess) { |
159 | pw->pw_name, authmsg); | 107 | char *msg; |
160 | 108 | char *host = | |
161 | /* We don't have a pty yet, so just label the line as "ssh" */ | 109 | (char *)get_canonical_hostname(options.use_dns); |
162 | if (loginsuccess(authctxt->user, host, "ssh", &msg) == 0){ | 110 | |
163 | if (msg != NULL) { | 111 | debug3("AIX/authenticate succeeded for user %s: %.100s", |
164 | debug("%s: msg %s", __func__, msg); | 112 | pw->pw_name, authmsg); |
165 | buffer_append(&loginmsg, msg, strlen(msg)); | 113 | |
166 | xfree(msg); | 114 | /* No pty yet, so just label the line as "ssh" */ |
115 | if (loginsuccess(authctxt->user, host, "ssh", | ||
116 | &msg) == 0){ | ||
117 | if (msg != NULL) { | ||
118 | debug("%s: msg %s", __func__, msg); | ||
119 | buffer_append(&loginmsg, msg, | ||
120 | strlen(msg)); | ||
121 | xfree(msg); | ||
122 | } | ||
167 | } | 123 | } |
168 | } | 124 | } else |
169 | } else { | 125 | debug3("AIX/authenticate failed for user %s: %.100s", |
170 | debug3("AIX/authenticate failed for user %s: %.100s", | 126 | pw->pw_name, authmsg); |
171 | pw->pw_name, authmsg); | 127 | |
172 | } | 128 | if (authmsg != NULL) |
173 | if (authmsg != NULL) | 129 | xfree(authmsg); |
174 | xfree(authmsg); | ||
175 | 130 | ||
176 | return (authsuccess); | 131 | return (authsuccess); |
132 | } | ||
177 | # endif | 133 | # endif |
178 | # ifdef KRB4 | 134 | # ifdef KRB4 |
179 | if (options.kerberos_authentication == 1) { | 135 | if (options.kerberos_authentication == 1) { |
@@ -189,63 +145,27 @@ auth_password(Authctxt *authctxt, const char *password) | |||
189 | return 0; | 145 | return 0; |
190 | else | 146 | else |
191 | return 1; | 147 | return 1; |
192 | # endif | 148 | # else |
193 | pw_password = pw->pw_passwd; | 149 | { |
194 | 150 | char *pw_password = shadow_pw(pw); | |
195 | /* | ||
196 | * Various interfaces to shadow or protected password data | ||
197 | */ | ||
198 | # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | ||
199 | spw = getspnam(pw->pw_name); | ||
200 | if (spw != NULL) | ||
201 | pw_password = spw->sp_pwdp; | ||
202 | # endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ | ||
203 | |||
204 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | ||
205 | if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) | ||
206 | pw_password = spw->pwa_passwd; | ||
207 | # endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ | ||
208 | |||
209 | # ifdef HAVE_SECUREWARE | ||
210 | if ((spw = getprpwnam(pw->pw_name)) != NULL) | ||
211 | pw_password = spw->ufld.fd_encrypt; | ||
212 | # endif /* HAVE_SECUREWARE */ | ||
213 | |||
214 | # if defined(__hpux) && !defined(HAVE_SECUREWARE) | ||
215 | if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) | ||
216 | pw_password = spw->ufld.fd_encrypt; | ||
217 | # endif /* defined(__hpux) && !defined(HAVE_SECUREWARE) */ | ||
218 | 151 | ||
219 | /* Check for users with no password. */ | 152 | /* Check for users with no password. */ |
220 | if ((password[0] == '\0') && (pw_password[0] == '\0')) | 153 | /* XXX Reverted back to OpenBSD, why was this changed again? */ |
154 | if (strcmp(pw_password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) | ||
221 | return 1; | 155 | return 1; |
156 | else { | ||
157 | /* Encrypt the candidate password using the proper salt. */ | ||
158 | char *encrypted_password = xcrypt(password, | ||
159 | (pw_password[0] && pw_password[1]) ? pw_password : "xx"); | ||
160 | |||
161 | /* | ||
162 | * Authentication is accepted if the encrypted passwords | ||
163 | * are identical. | ||
164 | */ | ||
165 | return (strcmp(encrypted_password, pw_password) == 0); | ||
166 | } | ||
222 | 167 | ||
223 | if (pw_password[0] != '\0') | 168 | } |
224 | salt = pw_password; | 169 | # endif |
225 | else | ||
226 | salt = "xx"; | ||
227 | |||
228 | # ifdef HAVE_MD5_PASSWORDS | ||
229 | if (is_md5_salt(salt)) | ||
230 | encrypted_password = md5_crypt(password, salt); | ||
231 | else | ||
232 | encrypted_password = crypt(password, salt); | ||
233 | # else /* HAVE_MD5_PASSWORDS */ | ||
234 | # if defined(__hpux) && !defined(HAVE_SECUREWARE) | ||
235 | if (iscomsec()) | ||
236 | encrypted_password = bigcrypt(password, salt); | ||
237 | else | ||
238 | encrypted_password = crypt(password, salt); | ||
239 | # else | ||
240 | # ifdef HAVE_SECUREWARE | ||
241 | encrypted_password = bigcrypt(password, salt); | ||
242 | # else | ||
243 | encrypted_password = crypt(password, salt); | ||
244 | # endif /* HAVE_SECUREWARE */ | ||
245 | # endif /* __hpux && !defined(HAVE_SECUREWARE) */ | ||
246 | # endif /* HAVE_MD5_PASSWORDS */ | ||
247 | |||
248 | /* Authentication is accepted if the encrypted passwords are identical. */ | ||
249 | return (strcmp(encrypted_password, pw_password) == 0); | ||
250 | #endif /* !HAVE_OSF_SIA */ | 170 | #endif /* !HAVE_OSF_SIA */ |
251 | } | 171 | } |
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index fb481efd2..c48593f7b 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.27 2003/06/05 08:52:48 djm Exp $ | 1 | # $Id: Makefile.in,v 1.28 2003/07/24 06:52:14 mouring Exp $ |
2 | 2 | ||
3 | sysconfdir=@sysconfdir@ | 3 | sysconfdir=@sysconfdir@ |
4 | piddir=@piddir@ | 4 | piddir=@piddir@ |
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@ | |||
18 | 18 | ||
19 | OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o | 19 | OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o |
20 | 20 | ||
21 | COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o | 21 | COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o |
22 | 22 | ||
23 | PORTS=port-irix.o port-aix.o | 23 | PORTS=port-irix.o port-aix.o |
24 | 24 | ||
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c new file mode 100644 index 000000000..167a23513 --- /dev/null +++ b/openbsd-compat/xcrypt.c | |||
@@ -0,0 +1,123 @@ | |||
1 | /* | ||
2 | * Copyright (c) 2003 Ben Lindstrom. All rights reserved. | ||
3 | * | ||
4 | * Redistribution and use in source and binary forms, with or without | ||
5 | * modification, are permitted provided that the following conditions | ||
6 | * are met: | ||
7 | * 1. Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * 2. Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * | ||
13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
23 | */ | ||
24 | |||
25 | #include "includes.h" | ||
26 | |||
27 | #if !defined(HAVE_OSF_SIA) | ||
28 | |||
29 | # ifdef HAVE_CRYPT_H | ||
30 | # include <crypt.h> | ||
31 | # endif | ||
32 | |||
33 | # ifdef __hpux | ||
34 | # include <hpsecurity.h> | ||
35 | # include <prot.h> | ||
36 | # endif | ||
37 | |||
38 | # ifdef HAVE_SECUREWARE | ||
39 | # include <sys/security.h> | ||
40 | # include <sys/audit.h> | ||
41 | # include <prot.h> | ||
42 | # endif | ||
43 | |||
44 | # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | ||
45 | # include <shadow.h> | ||
46 | # endif | ||
47 | |||
48 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | ||
49 | # include <sys/label.h> | ||
50 | # include <sys/audit.h> | ||
51 | # include <pwdadj.h> | ||
52 | # endif | ||
53 | |||
54 | # if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) | ||
55 | # include "md5crypt.h" | ||
56 | # endif | ||
57 | |||
58 | # ifdef HAVE_CYGWIN | ||
59 | # undef ERROR | ||
60 | # include <windows.h> | ||
61 | # include <sys/cygwin.h> | ||
62 | # define is_winnt (GetVersion() < 0x80000000) | ||
63 | # endif | ||
64 | |||
65 | char * | ||
66 | xcrypt(const char *password, const char *salt) | ||
67 | { | ||
68 | char *crypted; | ||
69 | |||
70 | # ifdef HAVE_MD5_PASSWORDS | ||
71 | if (is_md5_salt(salt)) | ||
72 | crypted = md5_crypt(password, salt); | ||
73 | else | ||
74 | crypted = crypt(password, salt); | ||
75 | # elsif defined(__hpux) && !defined(HAVE_SECUREWARE) | ||
76 | if (iscomsec()) | ||
77 | crypted = bigcrypt(password, salt); | ||
78 | else | ||
79 | crypted = crypt(password, salt); | ||
80 | # elsif defined(HAVE_SECUREWARE) | ||
81 | crypted = bigcrypt(password, salt); | ||
82 | # else | ||
83 | crypted = crypt(password, salt); | ||
84 | # endif | ||
85 | |||
86 | return crypted; | ||
87 | } | ||
88 | |||
89 | /* | ||
90 | * Handle shadowed password systems in a cleaner way for portable | ||
91 | * version. | ||
92 | */ | ||
93 | |||
94 | char * | ||
95 | shadow_pw(struct passwd *pw) | ||
96 | { | ||
97 | char *pw_password = pw->pw_passwd; | ||
98 | |||
99 | # if defined(HAVE_SHADOW_H) && !defined(DISABLED_SHADOW) | ||
100 | struct spwd *spw = getspnam(pw->pw_name); | ||
101 | |||
102 | if (spw != NULL) | ||
103 | pw_password = spw->sp_pwdp; | ||
104 | # endif | ||
105 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | ||
106 | struct passwd_adjunct *spw; | ||
107 | if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) | ||
108 | pw_password = spw->pwa_passwd; | ||
109 | # elsif defined(HAVE_SECUREWARE) | ||
110 | struct pr_passwd *spw = getprpwnam(pw->pw_name); | ||
111 | |||
112 | if (spw != NULL) | ||
113 | pw_password = spw->ufld.fd_encrypt; | ||
114 | # elsif defined(__hpux) && !defined(HAVE_SECUREWARE) | ||
115 | struct pr_passwd *spw; | ||
116 | if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) | ||
117 | pw_password = spw->ufld.fd_encrypt; | ||
118 | # endif | ||
119 | |||
120 | return pw_password; | ||
121 | } | ||
122 | |||
123 | #endif /* !defined(HAVE_OSF_SIA) */ | ||
diff --git a/openbsd-compat/xcrypt.h b/openbsd-compat/xcrypt.h new file mode 100644 index 000000000..16c55fc67 --- /dev/null +++ b/openbsd-compat/xcrypt.h | |||
@@ -0,0 +1,28 @@ | |||
1 | /* | ||
2 | * Copyright (c) 2003 Ben Lindstrom. All rights reserved. | ||
3 | * | ||
4 | * Redistribution and use in source and binary forms, with or without | ||
5 | * modification, are permitted provided that the following conditions | ||
6 | * are met: | ||
7 | * 1. Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * 2. Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * | ||
13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
23 | */ | ||
24 | |||
25 | #include "includes.h" | ||
26 | |||
27 | char *xcrypt(const char *password, const char *salt); | ||
28 | char *shadow_pw(struct passwd *pw); | ||